
AI Medical Diagnosis: What German Providers Need to Know

Diagnostic AI saves lives. It can also cause serious harm when it fails. That’s why the EU AI Act classifies medical diagnostic AI as high-risk—and why compliance matters so much.

For German healthcare providers and medtech companies, AI Act requirements layer onto existing Medical Device Regulation (MDR) obligations.

Why Diagnostic AI Is High-Risk

Any AI that qualifies as a medical device under the MDR is automatically high-risk under the AI Act. This includes diagnostic imaging analysis, clinical decision support systems, symptom checkers with diagnostic outputs, pathology analysis, and radiology AI.

The classification is explicit in Annex III: AI systems intended as safety components of products covered by EU product safety legislation are high-risk.

MDR and AI Act Integration

Here’s the good news: if you’ve completed MDR conformity assessment, you don’t need a separate AI Act conformity assessment. The notified body process for medical devices now incorporates AI Act requirements.

But you still need to meet the substantive requirements—risk management, data governance, human oversight, technical documentation. MDR compliance doesn’t automatically satisfy every AI Act obligation.

Human Oversight in Healthcare

Diagnostic AI must support, not replace, clinical judgment. The AI Act requires that qualified humans can interpret AI outputs, understand system limitations, identify potential errors, and override recommendations when appropriate.

This aligns with existing clinical practice—but it needs to be documented and systematic.

What This Means Practically

For healthcare organizations using or developing diagnostic AI, compliance requires mapping AI systems against both MDR and AI Act requirements, ensuring notified body processes address AI-specific risks, documenting human oversight procedures, and maintaining risk management throughout the AI lifecycle.

How Compound Law Helps

  • Integrated MDR and AI Act compliance assessment
  • Notified body coordination
  • Clinical AI risk management frameworks
  • Documentation support for dual compliance
  • Ongoing monitoring as requirements evolve

Frequently Asked Questions

Is our radiology AI high-risk? Almost certainly yes. AI that analyzes medical images for diagnostic purposes is high-risk under both the MDR and the AI Act.

Do we need two conformity assessments? No. MDR conformity assessment is recognized for AI Act purposes, but it must address AI-specific requirements.

What about AI for clinical research only? Research AI has more flexibility, but clinical application triggers full medical device and AI Act compliance.
